The webshop of noted U.S. department store company Macy’s has been compromised and equipped with information-stealing JavaScript code, which ended up collecting users’ personal and payment card information for a week. According to the notice sent by Macy’s to affected customers, the breach was discovered on October 15, 2019, after the company was alerted to a suspicious connection between macys.com and another website.
Louisiana's state government has responded to a suspected ransomware attack by shutting down many of its websites and email systems. Every agency in the state (population 4.6 million) has been affected by the shutdown following the attack, which comes after a spate of other ransomware onslaughts targeting small US towns and cities in recent months. Governor John Bel Edwards confirmed the attack via Twitter, saying the Office of Technology Services (OTS) identified a "cyber security threat" and immediately initiated its security protocols.
It looks like scammers are impersonating one of Russia’s most notorious hacking groups in order to extort victims out of thousands of dollars’ worth of bitcoin. Multiple companies have reported to the security vendor Akamai that they were hit with a distributed denial-of-service attack, which degrades victims’ web services by overwhelming them with fake traffic. After a brief DDoS hit, victims say they receive an extortion note from a group claiming to be Cozy Bear, a state-sponsored Russian hacking group.
During the first half of 2019, the Shade Ransomware (also known as Troldesh) was the malware most actively distributed via malicious email phishing campaigns, according to Singapore-based security outfit Group-IB. Out of all malspam emails detected and examined by Group-IB’s Computer Emergency Response Team (CERT-GIB), Shade Ransomware was the main malware strain used by attackers to infect their targets' computers in H1 2019.
Researchers have discovered a new multi-platform backdoor that infects Windows and Linux systems, allowing the attackers to run malicious code and binaries on the compromised machines. The malware, dubbed ACBackdoor, was developed by a threat group with experience in building malicious tools for the Linux platform, judging by the higher complexity of the Linux variant, Intezer security researcher Ignacio Sanmillan found.
A phishing campaign that uses legitimate organizations’ Office 365 infrastructure to send emails has emerged onto the cyberscam scene. According to Michael Tyler at PhishLabs, cybercriminals are looking to compromise Microsoft Office 365 administrator accounts to send out phishing lures – thus ensuring the emails come from legitimate, validated domains.
Mobile apps that work with Bluetooth devices have an inherent design flaw that makes them vulnerable to hacking, research has found. The problem lies in the way Bluetooth Low Energy devices communicate with the mobile apps that control them, said Zhiqiang Lin, associate professor of computer science and engineering at The Ohio State University. “There is a fundamental flaw that leaves these devices vulnerable – first when they are initially paired to a mobile app, and then again when they are operating,” Lin said.
Until recently, weaknesses in Android camera apps from Google and Samsung made it possible for rogue apps to record video and audio and take images and then upload them to an attacker-controlled server—without any permissions to do so. Camera apps from other manufacturers may still be susceptible. The weakness, which was discovered by researchers from security firm Checkmarx, represented a potential privacy risk to high-value targets, such as those preyed upon by nation-sponsored spies.